Analysis

max time kernel: 149s
max time network: 152s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted: 09/10/2024, 01:33

Static task: static1
URLScan task: urlscan1
Behavioral task: behavioral1

Sample: https://ci3.googleusercontent.com/meips/ADKq_NZQWR-whm3dVDZg-eMDf3eQmEpLi6eL9FrU49TSQ_-VOtBElI9CDJQNGakLSiWaBv1xc5ZW57u5HCiC56lfFlG7wzNNkZy0U9ntt1-1gpV18YcllOnZGZt5KyqcIr-71efQkksJiib1eQ5CaGaR_EAEy646=s0-d-e1-ft#https://mediacdn.aruba.it/MediaCDNRepository/files/ac/ac096332-14d0-4653-9ed5-4a9b7ddcdeb1.png
Resource: win10v2004-20241007-en

General

Target: https://ci3.googleusercontent.com/meips/ADKq_NZQWR-whm3dVDZg-eMDf3eQmEpLi6eL9FrU49TSQ_-VOtBElI9CDJQNGakLSiWaBv1xc5ZW57u5HCiC56lfFlG7wzNNkZy0U9ntt1-1gpV18YcllOnZGZt5KyqcIr-71efQkksJiib1eQ5CaGaR_EAEy646=s0-d-e1-ft#https://mediacdn.aruba.it/MediaCDNRepository/files/ac/ac096332-14d0-4653-9ed5-4a9b7ddcdeb1.png

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs
| description | ioc | Process |
| --- | --- | --- |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | chrome.exe |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | chrome.exe |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | chrome.exe |

Modifies data under HKEY_USERS 2 IoCs
| description | ioc | Process |
| --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | chrome.exe |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133729113708821219" | chrome.exe |

Suspicious behavior: EnumeratesProcesses 6 IoCs
| pid | Process |
| --- | --- |
| 460 | chrome.exe |
| 2868 | chrome.exe |

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
| pid | Process |
| --- | --- |
| 460 | chrome.exe |

Suspicious use of AdjustPrivilegeToken 64 IoCs
| description | pid | Process |
| --- | --- | --- |
| Token: SeShutdownPrivilege | 460 | chrome.exe |
| Token: SeCreatePagefilePrivilege | 460 | chrome.exe |

Suspicious use of FindShellTrayWindow 33 IoCs
| pid | Process |
| --- | --- |
| 460 | chrome.exe |

Suspicious use of SendNotifyMessage 24 IoCs
| pid | Process |
| --- | --- |
| 460 | chrome.exe |

Suspicious use of WriteProcessMemory 64 IoCs
| description | pid | Process | procid_target |
| --- | --- | --- | --- |
| PID 460 wrote to memory of 3844 | 460 | chrome.exe | 83 |
| PID 460 wrote to memory of 4684 | 460 | chrome.exe | 84 |
| PID 460 wrote to memory of 1468 | 460 | chrome.exe | 85 |
| PID 460 wrote to memory of 3464 | 460 | chrome.exe | 86 |

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ci3.googleusercontent.com/meips/ADKq_NZQWR-whm3dVDZg-eMDf3eQmEpLi6eL9FrU49TSQ_-VOtBElI9CDJQNGakLSiWaBv1xc5ZW57u5HCiC56lfFlG7wzNNkZy0U9ntt1-1gpV18YcllOnZGZt5KyqcIr-71efQkksJiib1eQ5CaGaR_EAEy646=s0-d-e1-ft#https://mediacdn.aruba.it/MediaCDNRepository/files/ac/ac096332-14d0-4653-9ed5-4a9b7ddcdeb1.png
  PID: 460
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory

    C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd8ec5cc40,0x7ffd8ec5cc4c,0x7ffd8ec5cc58
      PID: 3844

    C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1980,i,3663287601550792581,1798268697555969063,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1976 /prefetch:2
      PID: 4684

    C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1884,i,3663287601550792581,1798268697555969063,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2096 /prefetch:3
      PID: 1468

    C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2248,i,3663287601550792581,1798268697555969063,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2260 /prefetch:8
      PID: 3464

    C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,3663287601550792581,1798268697555969063,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3144 /prefetch:1
      PID: 4704

    C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,3663287601550792581,1798268697555969063,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3180 /prefetch:1
      PID: 4772

    C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4536,i,3663287601550792581,1798268697555969063,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4700 /prefetch:8
      PID: 2020

    C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5080,i,3663287601550792581,1798268697555969063,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4984 /prefetch:8
      PID: 3924

    C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4524,i,3663287601550792581,1798268697555969063,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4924 /prefetch:8
      PID: 2868
      - Suspicious behavior: EnumeratesProcesses

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
  PID: 3108

C:\Windows\system32\svchost.exe
  C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
  PID: 3624

Network
MITRE ATT&CK Enterprise v15
Downloads